News & Insights

Why the Australian Signals Directorate’s (ASD) expansion of the cyber threat Top 4 to the Essential Eight is a great move

If you needed any further proof that cyber threats are only increasing, here it is. The Australian Signals Directorate (ASD) has doubled its Top 4 cyber security strategies to counter cyberattacks to an Essential Eight.

This is a welcome move, particularly as it now extends to a wider threat range than targeted attacks. Even the name of ASD’s document has changed from Strategies to mitigate targeted cyber intrusions to Strategies to mitigate cyber security incidents.

The role of ASD

ASD helps federal and state government authorities to deal with the security and integrity of information. It helps provide a greater understanding of sophisticated cyber threats, and coordinates and assists with operational responses to cyber incidents of national importance.

First major overhaul in seven years

This is the first major overhaul of the list since the Top 4 was originally published back in 2010.
Until now, the focus had been on the four key actions of:

application whitelisting

patching applications

patching operating system vulnerabilities

restricting administrative privileges.

The list now includes the additional tasks of:

disabling untrusted Office macros

user application hardening

implementing multi-factor authentication

daily back up of important data.

It is somewhat troubling that daily backup of important data needs to be emphasised. This should really be standard for businesses and government agencies.

The Essential Eight in full

Application whitelisting – A whitelist only allows the selected software applications in that list to run on computers. This prevents other software applications from running, including malware.

Disable untrusted Microsoft Office macros – Macros can be used to automate routine tasks but they are increasingly being used to enable the download of malware. Securing or disabling macros will prevent this type of attack.

User application hardening – By blocking web browser access to Adobe Flash Player, web ads and untrusted Java code, this cuts of three popular ways of delivering malware to workstations.

Restrict administrative privileges – By restricting such privileges to those who need them, the likelihood of a cyber attacker accessing an admin account is minimised.

Multi-factor authentication – By only granting a user access after producing two or more separate pieces of evidence relating to their identity, it makes it more difficult for hackers to infiltrate your system.

Daily backup of important data – If your data is securely backed up, the loss you will incur from a breach will be minimised. For example, a ransomware attack will only compromise one day’s worth of data as long as you backup daily. If you were to backup monthly, the fallout from a ransomware attack would be one month’s worth of data; a far worse situation.
According to ASD, implementing the Essential Eight creates a strong security foundation on which you can build your IT infrastructure. It’s a list of practical actions that can save the wasted time, money and effort, and avoid the reputational damage that comes with a successful attack. Given the cost of being attacked is usually more expensive than preventive measures, it makes sense to start with the Essential Eight.

In addition to those eight core strategies, there is an extensive list of recommended additional controls for organisations to implement.

At Aleron, we believe this move is a great next step in response to new and diverse types of threat currently affecting the industry.

Even though the ASD’s mitigation strategies are only mandatory for Australian Federal Government agencies, all organisations should look at adhering to them too.

What to do next

Remember, ASD’s mitigation strategies are aimed at government agencies, so they may not be perfect for your business needs. For example, if you follow ASD’s recommendation to turn off all macros, this could stop your internal applications from working properly and the resulting inefficiencies could cost as much as a security breach would have.

Start by understanding your appetite for risk and your current risk levels, then review the potential impact to your business of meeting the Essential Eight. It’s important to weigh up the pros and cons so you can make the right decision for your business.

While security may seem daunting, the good news is that there is a lot of help available. At Aleron, we provide a range of services around data security, such as platforms to protect and analyse data, helping you to assess the operations and results of your business.

We also offer fully-customisable, rapidly-deployable and automated secure cloud solutions; managed information security and infrastructure services and consulting; on-site security project support and advice, and security infrastructure management. We can even provide you with an information security strategy aligned to your specific needs.

Contact us today to find out more about how we can help you protect your organisation, starting with the Essential Eight.